Limited Time Discount Offer 30% Off - Ends in 0d 00h 00m 00s - Coupon code: best30

CISA Certified Information Systems Auditor Questions and Answers

Questions 4
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹄略⁴漠瑨攠楮捲敡獩湧⁳楺攠潦⁡⁤慴慢慳攬⁵獥爠慣捥獳⁴業敳⁡湤⁤慩汹⁢慣歵灳⁣潮瑩湵攠瑯⁩湣牥慳攮⁗桩捨映瑨攠景汬潷楮朠睯畬搠扥⁴桥⁂䕓吠睡礠瑯⁡摤牥獳⁴桩猠獩瑵慴楯渿㰯瀾㰯摩瘾

Options:

A.

Data modeling

B.

Data purging

C.

Data visualization

D.

Data mining

Buy Now
Questions 5
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楣栠潦⁴桥⁦潬汯睩湧⁩猠瑨攠䵏協⁩浰潲瑡湴⁰牯捥獳⁴漠敮獵牥⁰污湮敤⁉吠獹獴敭⁣桡湧敳⁡牥⁣潭灬整敤⁩渠慮⁥晦楣楥湴慮湥爿㰯瀾㰯摩瘾

Options:

A.

Incident management

B.

Demand management

C.

Release management

D.

Configuration management

Buy Now
Questions 6
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹔漠摥癥汯瀠愠牯扵獴⁤慴愠獥捵物瑹⁰牯杲慭Ⱐ瑨攠䙉剓吠捯畲獥映慣瑩潮⁳桯畬搠扥⁴漺㰯瀾㰯摩瘾

Options:

A.

perform an inventory of assets.

B.

implement data loss prevention controls.

C.

interview IT senior management.

D.

implement monitoring, controls

Buy Now
Questions 7
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䅮⁉匠慵摩瑯爠牥癩敷楮朠瑨攠慣煵楳楴楯渠潦敷⁥煵楰浥湴⁷潵汤⁣潮獩摥爠睨楣栠潦⁴桥⁦潬汯睩湧⁴漠扥⁡⁳楧湩晩捡湴⁷敡歮敳猿㰯瀾㰯摩瘾

Options:

A.

Evaluation criteria when finalized after the initial assessment of responses

B.

Staff involved in the evaluation were aware of the vendors being evaluated.

C.

Independent consultants prepared the request for proposal (RFP) documents.

D.

The closing date for responses was extended after a request from potential vendors.

Buy Now
Questions 8
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾周攠物獫⁴桡琠瑨攠䥓⁡畤楴潲⁷楬氠湯琠晩湤⁡渠敲牯爠瑨慴⁨慳捣畲牥搠楳⁩摥湴楦楥搠批⁷桩捨映瑨攠景汬潷楮朠瑥牭猿㰯瀾㰯摩瘾

Options:

A.

Prevention

B.

Inherent

C.

Detection

D.

Control

Buy Now
Questions 9
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䥮桥牥湴⁲楳欠牡瑩湧⁡牥⁤整敲浩湥搠批⁡獳敳獩湧⁴桥⁩浰慣琠慮搠汩步汩桯潤映愠瑨牥慴爠癵汮敲慢楬楴礠潣捵牲楮机㰯瀾㰯摩瘾

Options:

A.

Before the risk appetite Is established

B.

After compensating have been applied

C.

After internal controls are taken into account.

D.

Before internal controls are taken into account.

Buy Now
Questions 10
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䅮牧慮楺慴楯渠畳楮朠楮獴慮琠浥獳慧楮朠瑯⁣潭浵湩捡瑥⁷楴栠捵獴潭敲猠灲敶敮琠汥杩瑩浡瑥⁣畳瑯浥牳⁦牯洠扥楮朠業灥牳潮慴敤⁢示㰯瀾㰯摩瘾

Options:

A.

Authentication users before conversation are initiated.

B.

Using firewall to limit network traffic to authorized ports.

C.

Logging conversation.

D.

Using call monitoring.

Buy Now
Questions 11
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䄠捯浰慮礠污灴潰⁨慳⁢敥渠獴潬敮⁡湤⁡汬⁰桯瑯猠潮⁴桥慰瑯瀠桡癥⁢敥渠灵扬楳桥搠潮⁳潣楡氠浥摩愮⁗桩捨映瑨攠景汬潷楮朠楳⁴桥⁉匠慵摩瑯爧猠䉅協⁣潵牳攠潦⁡捴楯渿㰯瀾㰯摩瘾

Options:

A.

Determine if the laptop had the appropriate level of encryption

B.

Verify the organization's incident reporting policy was followed

C.

Ensure that the appropriate authorities have been notified

D.

Review the photos to determine whether they were for business or personal purposes

Buy Now
Questions 12
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桥渠摥癥汯灩湧⁡⁲楳欭扡獥搠䥓⁡畤楴⁰污測⁴桥⁐剉䵁剙⁦潣畳⁳桯畬搠扥渠晵湣瑩潮猺㰯瀾㰯摩瘾

Options:

A.

with the most ineffective controls.

B.

with the greatest number of threats.

C.

considered critical to business operations.

D.

considered important by IT management

Buy Now
Questions 13
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楣栠潦⁴桥⁦潬汯睩湧⁰牯瑥捴猠慧慩湳琠瑨攠業灡捴映瑥浰潲慲礠慮搠牡灩搠摥捲敡獥猠潲⁩湣牥慳敳⁩渠敬散瑲楣楴礿㰯瀾㰯摩瘾

Options:

A.

Emergency power-off switch

B.

Stand-by generator

C.

Redundant power supply

D.

Uninterruptible power supply (UPS)

Buy Now
Questions 14
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楣栠潦⁴桥⁦潬汯睩湧⁩猠慮⁉匠慵摩瑯爠猠䝒䕁呅協⁣潮捥牮⁷桥渠慮牧慮楺慴楯渠摯敳潴⁲敧畬慲汹⁵灤慴攠獯晴睡牥渠楮摩癩摵慬⁷潲歳瑡瑩潮猠楮⁴桥⁩湴敲湡氠敮癩牯湭敮琿㰯瀾㰯摩瘾

Options:

A.

The organization may be more susceptible to cyber-attacks.

B.

The organization may not be in compliance with licensing agreement.

C.

System functionality may not meet business requirements.

D.

The system may have version control issues.

Buy Now
Questions 15
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䅮⁉匠慵摩瑯爠桡猠慳獥獳敤⁡⁰慹牯汬⁳敲癩捥⁰牯癩摥狃ꋢ芬ꉳ⁳散畲楴礠灯汩捹⁡湤⁦楮摳⁳楧湩晩捡湴⁴潰楣猠慲攠浩獳楮朮⁗桩捨映瑨攠景汬潷楮朠楳⁴桥⁡畤楴潲쎢곢蒢猠䉅協⁣潵牳攠潦⁡捴楯渿㰯瀾㰯摩瘾

Options:

A.

Recommend the service provider update their policy

B.

Report the risk to internal management

C.

Notify the service provider of the discrepancies.

D.

Recommend replacement of the service provider

Buy Now
Questions 16
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠楳⁴桥⁂䕓吠獯畲捥映楮景牭慴楯渠睨敮⁡獳敳獩湧⁴桥⁡浯畮琠潦⁴業攠愠灲潪散琠睩汬⁴慫政㰯瀾㰯摩瘾

Options:

A.

Critical path analysis

B.

Workforce estimate

C.

GANT chart

D.

Scheduling budget

Buy Now
Questions 17
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾周攠䵁䩏删牥慳潮⁦潲⁳敧牥条瑩湧⁴敳琠灲潧牡浳⁦牯洠灲潤畣瑩潮⁰牯杲慭猠楳⁴漺㰯瀾㰯摩瘾

Options:

A.

provide control over program changes

B.

limit access rights of IS staff to the development environment.

C.

provide the basis for efficient system change management

D.

achieve segregation of duties between IS staff and end users

Buy Now
Questions 18
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楣栠潦⁴桥⁦潬汯睩湧⁩猠瑨攠䉅協⁷慹⁴漠晡捩汩瑡瑥⁰牯灥爠景汬潷⵵瀠景爠慵摩琠晩湤楮朿㰯瀾㰯摩瘾

Options:

A.

Conduct a surprise audit to determine whether remediation is in progress

B.

Schedule a follow-up audit for two weeks after the initial audit was completed

C.

Conduct a follow-up audit when findings escalate to incidents

D.

Schedule a follow-up audit based on remediation due dates.

Buy Now
Questions 19
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹁⁤楳欠浡湡来浥湴⁳祳瑥淃ꋢ芬ꉳ⁐剉䵁剙⁦畮捴楯渠楳⁴漺㰯瀾㰯摩瘾

Options:

A.

Provide data on efficient disk usage.

B.

Deny access to disk resident data files.

C.

Monitor disk accesses for analytical review

D.

Provide the method of control for disk usage

Buy Now
Questions 20
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楣栠潦⁴桥⁦潬汯睩湧⁩猠瑨攠䝒䕁呅協⁢敮敦楴映業灬敭敮瑩湧⁡渠䥔⁧潶敲湡湣攠獴牡瑥杹⁷楴桩渠慮牧慮楺慴楯渿㰯瀾㰯摩瘾

Options:

A.

IT projects are delivered on time and under budget

B.

Management is aware of IT-related risks.

C.

Employees understand roles and responsibilities

D.

Reporting and metrics become higher priority.

Buy Now
Questions 21
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹁渠䥓⁡畤楴潲⁨慳⁦潵湤⁴桡琠慮牧慮楺慴楯渠楳⁵湡扬攠瑯⁡摤敷⁳敲癥牳渠摥浡湤⁩渠愠捯獴ⵥ晦楣楥湴慮湥爠坨楣栠潦⁴桥⁦潬汯睩湧⁩猠瑨攠慵摩瑯爠猠䉅協⁲散潭浥湤慴楯渿㰯瀾㰯摩瘾

Options:

A.

Upgrade hardware to newer technology.

B.

Increase the capacity of existing systems.

C.

Build a virtual environment

D.

Hire temporary contract workers for the IT function.

Buy Now
Questions 22
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楬攠灥牦潲浩湧⁡⁲楳欭扡獥搠慵摩琬⁷桩捨映瑨攠景汬潷楮朠睯畬搠䉅協⁥湡扬攠慮⁉匠慵摩瑯爠瑯⁩摥湴楦礠慮搠捡瑥杯特⁲楳欿㰯瀾㰯摩瘾

Options:

A.

Understanding the business environment

B.

Understanding the control framework

C.

Adopting qualitative risk analysis

D.

Developing a comprehensive risk model

Buy Now
Questions 23
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楣栠潦⁴桥⁦潬汯睩湧⁳桯畬搠扥⁴桥⁍体吠業灯牴慮琠捯湳楤敲慴楯渠睨敮⁥獴慢汩獨楮朠摡瑡⁣污獳楦楣慴楯渠獴慮摡牤猿㰯瀾㰯摩瘾

Options:

A.

Reporting metrics are established.

B.

An education campaign is established upon rollout.

C.

The standards comply with relevant regulations.

D.

Management supports the newly developed standards

Buy Now
Questions 24
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䅮牧慮楺慴楯渠楳⁩渠瑨攠灲潣敳猠潦⁤散楤楮朠睨整桥爠瑯⁡汬潷⁡⁢物湧⁹潵爠潷渠摥癩捥
䉙佄⤠灲潧牡洮⁉映慰灲潶敤Ⱐ睨楣栠潦⁴桥⁦潬汯睩湧⁳桯畬搠扥⁴桥⁆䥒協⁣潮瑲潬⁲敱畩牥搠扥景牥⁩浰汥浥湴慴楯渿㰯瀾㰯摩瘾

Options:

A.

An accept able use policy

B.

Device registration

C.

Device baseline configurations

D.

An awareness program

Buy Now
Questions 25
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠捯湴牯汳⁷楬氠䵏協⁥晦散瑩癥汹⁤整散琠楮捯湳楳瑥湴⁲散潲摳⁲敳畬瑩湧⁦牯洠瑨攠污捫映牥晥牥湴楡氠楮瑥杲楴礠楮⁡⁤慴慢慳攠浡湡来浥湴⁳祳瑥洿㰯瀾㰯摩瘾

Options:

A.

Concurrent access controls

B.

Incremental data backups

C.

Performance monitoring tools

D.

Periodic table link checks

Buy Now
Questions 26
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䅮⁡畤楴潲⁩猠捲敡瑩湧⁡渠慵摩琠灲潧牡洠楮⁷桩捨⁴桥扪散瑩癥⁩猠瑯⁥獴慢汩獨⁴桥⁡摥煵慣礠潦⁰敲獯湡氠摡瑡⁰物癡捹⁣潮瑲潬猠楮⁡⁰慹牯汬⁰牯捥獳⸠坨楣栠潦⁴桥⁦潬汯睩湧⁷潵汤⁢攠䵏協⁩浰潲瑡湴⁴漠楮捬畤政㰯瀾㰯摩瘾

Options:

A.

Approval of data changes

B.

User access provisioning

C.

Segregation of duties controls

D.

Audit logging of administrative user activity

Buy Now
Questions 27
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹔漠桥汰⁥湳畲攠瑨攠慣捵牡捹⁡湤⁣潭灬整敮敳猠潦⁥湤⵵獥爠捯浰畴楮朠潵瑰畴⁩琠楳⁍体吠業灯牴慮琠瑯⁩湣汵摥⁳瑲潮机㰯瀾㰯摩瘾

Options:

A.

documentation controls.

B.

change management controls.

C.

access management controls

D.

reconciliation controls

Buy Now
Questions 28
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桥渠捯湤畣瑩湧⁡⁦潬汯眭異⁡畤楴渠慮牧慮楺慴楯渠猠晩牥睡汬⁣潮晩杵牡瑩潮Ⱐ瑨攠䥓⁡畤楴潲⁤楳捯癥牥搠瑨慴⁴桥⁦楲敷慬氠桡搠扥敮⁩湴敧牡瑥搠楮瑯⁡敷⁳祳瑥洠瑨慴⁰牯癩摥猠扯瑨⁦楲敷慬氠慮搠楮瑲畳楯渠摥瑥捴楯渠捡灡扩汩瑩敳⸠周攠䥓⁡畤楴潲⁳桯畬携㰯瀾㰯摩瘾

Options:

A.

review the compatibility of the new system with existing network controls

B.

consider the follow-up audit unnecessary since the firewall is no longer being used

C.

assess whether the integrated system addresses the identified risk

D.

evaluate whether current staff is able to support the new system

Buy Now
Questions 29
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䅮牧慮楺慴楯渠桡猠潵瑳潵牣敤⁩瑳⁤慴愠汥慫慧攠浯湩瑯物湧⁴漠慮⁉湴敲湥琠獥牶楣攠灲潶楤敲
䥓倩⸠坨楣栠潦⁴桥⁦潬汯睩湧⁩猠瑨攠䉅協⁷慹⁦潲⁡渠䥓⁡畤楴潲⁴漠摥瑥牭楮攠瑨攠敦晥捴楶敮敳猠潦⁴桩猠獥牶楣政㰯瀾㰯摩瘾

Options:

A.

Review the data leakage clause in the SLA.

B.

verify the ISP has staff to deal with data leakage.

C.

Simulate a data leakage incident.

D.

Review the ISP's external audit report

Buy Now
Questions 30
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹍体吠敦晥捴楶攠睡礠瑯⁤整敲浩湥⁩映䥔⁩猠浥整楮朠扵獩湥獳⁲敱畩牥浥湴猠楳⁴漠敳瑡扬楳栺㰯瀾㰯摩瘾

Options:

A.

a capability model.

B.

industry benchmarks

C.

key performance indicators (KPls).

D.

organizational goals.

Buy Now
Questions 31
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠睯畬搠扥映䵏協⁣潮捥牮⁤畲楮朠慮⁡畤楴映慮⁥湤⵵獥爠捯浰畴楮朠獹獴敭⁣潮瑡楮楮朠獥湳楴楶攠楮景牭慴楯渿㰯瀾㰯摩瘾

Options:

A.

Audit logging is not available

B.

Secure authorization is not available

C.

System data is not protected.

D.

The system is not included in inventory.

Buy Now
Questions 32
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䄠獥捵物瑹⁲敧畬慴楯渠牥煵楲敳⁴桥⁤楳慢汩湧映摩牥捴⁡摭楮楳瑲慴潲⁡捣敳献⁓畣栠慣捥獳畳琠潣捵爠瑨牯畧栠慮⁩湴敲浥摩慴攠獥牶敲⁴桡琠桯汤猠慤浩湩獴牡瑯爠灡獳睯牤猠景爠慬氠獹獴敭猠搠牥捯牤猠慬氠慣瑩潮献⁁渠䥓⁡畤楴潲⁳⁐剉䵁剙⁣潮捥牮⁷楴栠瑨楳⁳潬畴楯渠睯畬搠扥⁴桡琺㰯瀾㰯摩瘾

Options:

A.

it represents a single point of failure

B.

segregation of duties is not observed.

C.

it is not feasible to implement

D.

access logs may not be maintained

Buy Now
Questions 33
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楣栠潦⁴桥⁦潬汯睩湧⁳桯畬搠扥映䵏協⁣潮捥牮⁴漠慮⁉匠慵摩瑯爠牥癩敷楮朠慮牧慮楺慴楯滃ꋢ芬ꉳ⁤楳慳瑥爠牥捯癥特⁰污渠⡄剐⤿㰯瀾㰯摩瘾

Options:

A.

Copies of the DRP are not kept in a secure offsite location.

B.

The CIO has not signed off on the DRP

C.

The disaster recovery steps are not detailed.

D.

The responsibility for declaring a disaster is not identified

Buy Now
Questions 34
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹌潳猭獩瑥⁳捲楰瑩湧
塓匩⁡瑴慣歳⁡牥⁂䕓吠灲敶敮瑥搠瑨牯畧栺㰯瀾㰯摩瘾

Options:

A.

a three-tier web architecture.

B.

Secure coding practices

C.

application firewall policy settings

D.

use of common industry frameworks.

Buy Now
Questions 35
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠愠牥捥湴⁩湴敲湡氠摡瑡⁢牥慣栬⁡渠䥓⁡畤楴潲⁷慳⁡獫敤⁴漠敶慬畡瑥⁩湦潲浡瑩潮⁳散畲楴礠灲慣瑩捥猠睩瑨楮⁴桥牧慮楺慴楯渮⁗桩捨映瑨攠景汬潷楮朠晩湤楮杳⁷潵汤⁢攠䵏協⁩浰潲瑡湴⁴漠牥灯牴⁴漠獥湩潲慮慧敭敮琿㰯瀾㰯摩瘾

Options:

A.

Desktop passwords do not require special characters

B.

Employees are not required to sign a non-compete agreement.

C.

Users lack technical knowledge related to security and data protection

D.

Security education and awareness workshops have not been completed

Buy Now
Questions 36
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䅮⁉匠慵摩瑯爠獨潵汤⁥湳畲攠瑨慴⁡渠慰灬楣慴楯渧猠慵摩琠瑲慩氺㰯瀾㰯摩瘾

Options:

A.

has adequate security.

B.

is accessible online.

C.

does not impact operational efficiency

D.

logs all database records.

Buy Now
Questions 37
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㸮⸠䥭灬敭敮瑩湧⁷桩捨映瑨攠景汬潷楮朠睯畬搠䉅協⁡摤牥獳⁩獳略猠牥污瑩湧⁴漠瑨攠慧楮朠潦⁉吠獹獴敭猿㰯瀾㰯摩瘾

Options:

A.

IT project management

B.

Configuration management

C.

Application portfolio management

D.

Release management

Buy Now
Questions 38
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䅮牧慮楺慴楯渠畳敳⁥汥捴牯湩挠晵湤猠瑲慮獦敲
䕆吩⁴漠灡礠楴猠癥湤潲献⁗桩捨映瑨攠景汬潷楮朠獨潵汤⁢攠慮⁉匠慵摩瑯爠猠䵁䥎⁦潣畳⁷桩汥⁲敶楥睩湧⁣潮瑲潬猠楮⁴桥⁡捣潵湴猠灡祡扬攠䅰灬楣慴楯渿㰯瀾㰯摩瘾

Options:

A.

Amount of disbursements

B.

Volume of transactions

C.

Changes to the vendor master file

D.

Frequency of transactions

Buy Now
Questions 39
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠潢獥牶慴楯湳潴敤⁤畲楮朠愠牥癩敷映瑨攠潲条湩穡瑩潮⁳⁳潣楡氠浥摩愠灲慣瑩捥猠獨潵汤⁢攠潦⁍体吠捯湣敲渠瑯⁴桥⁉匠慵摩瑯爿㰯瀾㰯摩瘾

Options:

A.

The organization does not require approval for social media posts.

B.

Not all employees using social media have attended the security awareness program.

C.

The organization does not have a documented social media policy.

D.

More than one employee is authorized to publish on social media on behalf of the organization

Buy Now
Questions 40
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹁渠潲条湩穡瑩潮⁨慳⁥獴慢汩獨敤⁴桲敥⁉匠灲潣敳獩湧⁥湶楲潮浥湴猺⁤敶敬潰浥湴Ⱐ瑥獴Ⱐ慮搠灲潤畣瑩潮⸠周攠䵁䩏删牥慳潮⁦潲⁳数慲慴楮朠瑨攠摥癥汯灭敮琠慮搠瑥獴⁥湶楲潮浥湴猠楳㰯瀾㰯摩瘾

Options:

A.

perform testing in a stable environment

B.

obtain segregation of duties between IS staff and end users.

C.

limit the users access rights to the test environment

D.

protect the programs under development from unauthorized testing

Buy Now
Questions 41
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹁渠䥓⁡畤楴潲⁩猠楮癯汶敤⁩渠瑨攠畳敲⁴敳瑩湧⁰桡獥映愠摥癥汯灭敮琠灲潪散琮⁔桥⁤敶敬潰敲猠睩獨⁴漠畳攠愠捯灹映愠灥慫⁶潬畭攠瑲慮獡捴楯渠晩汥⁦牯洠瑨攠灲潤畣瑩潮⁰牯捥獳⁴漠獨潵汤⁴桡琠瑨攠摥癥汯灭敮琠捡渠捯灥⁷楴栠瑨攠牥煵楲敤⁶潬畭攠坨慴⁩猠瑨攠慵摩瑯爠猠偒䥍䅒夠捯湣敲渿㰯瀾㰯摩瘾

Options:

A.

Users may not wish for production data to be made available for testing.

B.

All functionality of the new process may not be tested.

C.

Sensitive production data may be read by unauthorized persons.

D.

The error-handling and credibility checks may not be fully proven

Buy Now
Questions 42
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楣栠潦⁴桥⁦潬汯睩湧⁩猠䉅協⁡摤牥獳敤⁷桥渠畳楮朠愠瑩浥獴慭瀠睩瑨楮⁡⁤楧楴慬⁳楧湡瑵牥⁴漠摥汩癥爠獥湳楴楶攠晩湡湣楡氠楮景牭慴楯渿㰯瀾㰯摩瘾

Options:

A.

Authentication

B.

Nonrepudiation

C.

Data integrity

D.

Replay protection

Buy Now
Questions 43
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楣栠潦⁴桥⁦潬汯睩湧⁩猠愠牥慳潮⁦潲⁩浰汥浥湴楮朠愠摥捥湴牡汩穥搠䥔⁧潶敲湡湣攠浯摥氿㰯瀾㰯摩瘾

Options:

A.

Standardized controls and economies of scale

B.

Greater consistency among business units

C.

Greater responsiveness to business needs

D.

IT synergy among business units

Buy Now
Questions 44
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠獨潵汤⁴桥⁉匠慵摩瑯爠摯⁆䥒協⁴漠敮獵牥⁤慴愠瑲慮獦敲⁩湴敧物瑹⁦潲⁉湴敲湥琠潦⁔桩湧猠⡬潔⤠摥癩捥猿㰯瀾㰯摩瘾

Options:

A.

Verify access control lists to the database where collected data is stored.

B.

Determine how devices are connected to the local network.

C.

Confirm that acceptable limits of data bandwidth are defined for each device.

D.

Ensure that message queue telemetry transport (MQTT) is used.

Buy Now
Questions 45
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠摡瑡⁷潵汤⁢攠畳敤⁷桥渠灥牦潲浩湧⁡⁢畳楮敳猠業灡捴⁡湡汹獩猠⡂䥁⤿㰯瀾㰯摩瘾

Options:

A.

Cost benefit analysis of running the current business

B.

Projected impact of current business on future business

C.

Expected costs for recovering the business

D.

Cost of regulatory compliance

Buy Now
Questions 46
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹒敱畩物湧⁴桡琠灡獳睯牤猠捯湴慩渠愠捯浢楮慴楯渠潦畭敲楣⁡湤⁡汰桡扥瑩挠捨慲慣瑥牳⁩猠䵏協⁥晦散瑩癥⁡条楮獴⁷桩捨⁴祰攠潦⁡瑴慣欿㰯瀾㰯摩瘾

Options:

A.

Dictionary

B.

Denial of service

C.

Social engineering

D.

Programmed

Buy Now
Questions 47
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠獨潵汤⁢攠慮⁉匠慵摩瑯爧猠䙉剓吠慣瑩癩瑹⁷桥渠灬慮湩湧⁡渠慵摩琿㰯瀾㰯摩瘾

Options:

A.

Identify proper resources for audit activities.

B.

Gain an understanding of the area to be audited.

C.

Create a list of key controls to be reviewed.

D.

Document specific questions in the audit program

Buy Now
Questions 48
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楬攠數散畴楮朠景汬潷⵵瀠慣瑩癩瑩敳Ⱐ慮⁉匠慵摩瑯爠楳⁣潮捥牮敤⁴桡琠浡湡来浥湴⁨慳⁩浰汥浥湴敤⁣潲牥捴楶攠慣瑩潮猠瑨慴⁡牥⁤楦晥牥湴⁦牯洠瑨潳攠潲楧楮慬汹⁤楳捵獳敤⁡湤⁡杲敥搠瑨攠慵摩琠晵湣瑩潮⸠䥮牤敲⁴漠牥獯汶攠瑨攠獩瑵慴楯測⁴桥⁉匠慵摩瑯爯Ⱐ䉅協⁣潵牳攠潦⁡捴楯渠睯畬搠扥⁴漺㰯瀾㰯摩瘾

Options:

A.

postpone follow-up activities and escalate the alternative controls to senior audit management

B.

schedule another audit due to the implementation of alternative controls.

C.

reject the alternative controls and re-prioritize the original issue as high risk.

D.

determine whether the alternative controls sufficiently mitigate the risk and record the results

Buy Now
Questions 49
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䑵物湧⁴桥⁩浰汥浥湴慴楯渠潦⁡渠異杲慤敤⁥湴敲灲楳攠牥獯畲捥⁰污湮楮朠⡅剐⤠獹獴敭Ⱐ睨楣栠潦⁴桥⁦潬汯睩湧⁩猠瑨攠䵏協⁩浰潲瑡湴⁣潮獩摥牡瑩潮⁦潥⁡⁧漭汩癥⁤散楳楯渿㰯瀾㰯摩瘾

Options:

A.

Post-implementation review objectives

B.

Test cases

C.

Rollback strategy

D.

Business case

Buy Now
Questions 50
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹄畲楮朠瑨攠灲潣畲敭敮琠灲潣敳猠睨楣栠潦⁴桥⁦潬汯睩湧⁷潵汤⁢攠瑨攠䉅協⁩湤楣慴楯渠瑨慴⁰牯獰散瑩癥⁶敮摯牳⁷楬氠浥整⁴桥牧慮楺慴楯渧猠湥敤猿㰯瀾㰯摩瘾

Options:

A.

service catalog is documented.

B.

An account transition manager has been identified.

C.

Expected service levels are defined

D.

The vendor's subcontractors have been identified

Buy Now
Questions 51
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䅮⁉匠慵摩瑯爠楳⁥癡汵慴楮朠瑨攠汯朠浡湡来浥湴⁳祳瑥洠景爠慮牧慮楺慴楯渠睩瑨⁤敶楣敳⁡湤⁳祳瑥浳⁩渠浵汴楰汥⁧敯杲慰桩挠汯捡瑩潮献⁗桩捨映瑨攠景汬潷楮朠楳⁍体吠業灯牴慮琠景爠攠慵摩瑯爠瑯⁶敲楦礿㰯瀾㰯摩瘾

Options:

A.

Log files w concurrently updated

B.

Log files are encrypted and digitally signed.

C.

Log files are reviewed in multiple locations.

D.

Log files of the servers are synchronized.

Buy Now
Questions 52
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䑵物湧⁡⁲敶楥眠潦⁡渠楮獵牡湣攠捯浰慮礠猠捬慩浳⁳祳瑥洬⁴桥⁉匠慵摩瑯爠汥慲湳⁴桡琠捬慩浳⁦潲⁳灥捩晩挠浥摩捡氠灲潣敤畲敳⁡牥⁡捣数瑡扬攠潮汹⁦牯洠晥浡汥猠周楳⁩猠慮⁥硡浰汥映愺㰯瀾㰯摩瘾

Options:

A.

logical relationship check

B.

key verification.

C.

completeness check.

D.

reasonableness check

Buy Now
Questions 53
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹁渠潲条湩穡瑩潮⁨慳⁡杲敥搠瑯⁰敲景牭⁲敭敤楡瑩潮⁲敬慴敤⁴漠桩杨⵲楳欠慵摩琠晩湤楮杳⸠周攠牥浥摩慴楯渠灲潣敳猠楮癯汶敳⁡⁣潭灬數⁲敯牧慮楺慴楯渠潦⁵獥爠牯汥猠慳⁷敬氠慳⁴桥⁉浰汥浥湴慴楯渠潦⁳敶敲慬⁣潭灥湳慴楮朠捯湴牯汳⁴桡琠浡礠湯琠扥⁣潭灬整敤⁷楴桩渠瑨攠湥硴⁡畤楴⁣祣汥⁗桩捨映瑨攠景汬潷楮朠楳⁴桥⁂䕓吠睡礠景爠慮⁉匠慵摩瑯爠瑯⁦潬汯眠異渠瑨敩爠慣瑩癩瑩敳㼼⽰㸼瀾㰯瀾㰯摩瘾

Options:

A.

Provide management with a remediation timeline and verity adherence

B.

Schedule a review of the controls after the projected remediation date

C.

Review the progress of remediation on a regular basis

D.

Continue to audit the failed controls according to the audit schedule

Buy Now
Questions 54
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠獨潵汤⁢攠潦⁇剅䅔䕓吠捯湣敲渠瑯⁡渠䥓⁡畤楴潲⁲敶楥睩湧⁴桥⁣潮瑲潬猠景爠愠捯湴楮畯畳⁳潦瑷慲攠牥汥慳攠灲潣敳猿㰯瀾㰯摩瘾

Options:

A.

Release documentation is not updated to reflect successful deployment

B.

Testing documentation is not attached to production releases.

C.

Developers are able to approve their own releases

D.

Test libraries have not been reviewed in over six months

Buy Now
Questions 55
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹭慴畲楴礠浯摥氠楳⁵獥晵氠楮⁴桥⁡獳敳獭敮琠潦⁉吠獥牶楣攠浡湡来浥湴⁢散慵獥⁩琺㰯瀾㰯摩瘾

Options:

A.

defines the level of control required to meet business needs

B.

provides a benchmark for process improvement

C.

specifies the mechanism needed to achieve defined service levels

D.

indicates the service levels requited for the business area.

Buy Now
Questions 56
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䉯瑨⁳瑡瑩獴楣慬⁡湤潮獴慴楳瑩捡氠獡浰汩湧⁴散桮楱略猺㰯瀾㰯摩瘾

Options:

A.

permit the auditor to quantify and fix the level of risk

B.

permit the auditor to quantity the probability of error,

C.

provide each item an equal opportunity of being selected,

D.

require judgment when defining population characteristics

Buy Now
Questions 57
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹁渠䥓⁡畤楴潲潴敳⁴桡琠瑨攠慮瑩捩灡瑥搠扥湥晩瑳⁦牯洠慮湧潩湧⁩湦牡獴牵捴畲攠灲潪散瑳⁨慶攠捨慮来搠摵攠瑯⁲散敮琠潲条湩穡瑩潮慬⁲敳瑲畣瑵物湧⸠坨楣栠潦⁴桥⁦潬汯睩湧⁩猠瑨攠䥓⁡畤楴潲쎢곢蒢猠䉅協⁲散潭浥湤慴楯渿㰯瀾㰯摩瘾

Options:

A.

Review and reapprove the business case

B.

Review business goals and objectives

C.

Conduct a new feasibility study

D.

Review and update the business impact analysis (BIA)

Buy Now
Questions 58
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹔漠捲敡瑥⁡⁤楧楴慬⁳楧湡瑵牥⁩渠愠浥獳慧攠畳楮朠慳祭浥瑲楣⁥湣特灴楯測⁩琠楳散敳獡特⁴漺㰯瀾㰯摩瘾

Options:

A.

First use a symmetric algorithm for the authentication sequence.

B.

encrypt the authentication sequence using a public key.

C.

transmit the actual digital signature in unencrypted clear text.

D.

encrypt the authentication sequence using a private key.

Buy Now
Questions 59
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠睯畬搠扥⁴桥⁇剅䅔䕓吠捯湣敲渠睨敮⁡渠潲条湩穡瑩潮쎢곢蒢猠摩獡獴敲⁲散潶敲礠獴牡瑥杹⁵瑩汩穥猠愠捯汤⁳楴政㰯瀾㰯摩瘾

Options:

A.

The lack of hardware components availability

B.

The lack of electrical power connections

C.

The lack of appropriate environmental controls

D.

The lack of networking infrastructure

Buy Now
Questions 60
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹁渠潲条湩穡瑩潮⁣潮獩摥牳⁩浰汥浥湴楮朠愠獹獴敭⁴桡琠畳敳⁡⁴散桮潬潧礠瑨慴⁩猠湯琠楮楮攠睩瑨⁴桥牧慮楺慴楯滃ꋢ芬ꉳ⁉吠獴牡瑥杹⸠坨楣栠潦⁴桥⁦潬汯睩湧⁩猠瑨攠䉅協畳瑩晩捡瑩潮⁦潲⁤敶楡瑩湧⁦牯洠瑨攠䥔⁳瑲慴敧礿㰯瀾㰯摩瘾

Options:

A.

The system makes use of state-of-the-art technology

B.

The organization has staff familiar with the technology

C.

The system has a reduced cost of ownership

D.

The business benefits are achieved even with extra costs

Buy Now
Questions 61
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楣栠潦⁴桥⁦潬汯睩湧⁩猠瑨攠䵏協⁥晦散瑩癥⁷慹⁴漠楤敮瑩晹⁡湯浡汯畳⁴牡湳慣瑩潮猠睨敮⁰敲景牭楮朠愠灡祲潬氠晲慵搠慵摩琿㰯瀾㰯摩瘾

Options:

A.

Substantive testing of payroll files

B.

Data analytics on payroll data

C.

Observation of payment processing

D.

Sample-based review of pay stubs

Buy Now
Questions 62
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䅮⁉匠慵摩瑯爠楳⁣潮摵捴楮朠愠灲攭業灬敭敮瑡瑩潮⁲敶楥眠瑯⁤整敲浩湥⁡敷⁳祳瑥洧猠灲潤畣瑩潮⁲敡摩湥獳⸠周攠慵摩瑯爧猠偒䥍䅒夠捯湣敲渠獨潵汤⁢攠睨整桥爺㰯瀾㰯摩瘾

Options:

A.

benefits realization has been evidenced

B.

there are unresolved high-risk items

C.

the project adhered to the budget and target date.

D.

users were involved in the quality assurance (QA) testing.

Buy Now
Questions 63
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䅮牧慮楺慴楯渠慬汯睳⁩瑳⁥浰汯祥敳⁴漠畳攠灥牳潮慬潢楬攠摥癩捥猠景爠睯牫⸠坨楣栠潦⁴桥⁦潬汯睩湧⁷潵汤⁂䕓吠浡楮瑡楮⁩湦潲浡瑩潮⁳散畲楴礠睩瑨潵琠捯浰牯浩獩湧⁥浰汯祥攠灲楶慣礿㰯瀾㰯摩瘾

Options:

A.

Installing security software on the devices

B.

Restricting the use of devices for personal purposes during working hours

C.

Partitioning the work environment from personal space on devices

D.

Preventing users from adding applications

Buy Now
Questions 64
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠쎂슻⁴桥⁍体吠業灯牴慮琠灲敲敱畩獩瑥⁦潲⁉浰汥浥湴楮朠愠摡瑡潳猠灲敶敮瑩潮
䑌倩⁴潯氿㰯瀾㰯摩瘾

Options:

A.

Developing a DLP policy and requiring signed acknowledgement by users.

B.

Requiring users to save files in secured folders instead of company-wide shared drive

C.

Identifying where existing data resides and establishing a data classification matrix.

D.

Reviewing data transfer logs to determine historical patterns of data flow

Buy Now
Questions 65
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹁渠潲条湩穡瑩潮⁨慳⁰敲景牭慮捥整物捳⁴漠瑲慣欠桯眠睥汬⁉吠牥獯畲捥猠慲攠扥楮朠畳敤Ⱐ扵琠瑨敲攠桡猠扥敮楴瑬攠灲潧牥獳渠浥整楮朠瑨攠潲条湩穡瑩潮❳⁧潡汳⸠坨楣栠潦⁴桥⁦潬汯睩湧⁷潵汤⁢攠䵏協⁨敬灦畬⁴漠摥瑥牭楮攠瑨攠畮摥牬祩湧⁲敡獯渿㰯瀾㰯摩瘾

Options:

A.

Conducting a root cause analysis

B.

Re-evaluating organizational goals

C.

Re-evaluating key performance indicators (KPls)

D.

Conducting a business impact analysis (BIA)

Buy Now
Questions 66
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹁渠䥓⁡畤楴潲⁩猠慳獩杮敤⁴漠牥癩敷⁴桥⁤敶敬潰浥湴映愠獰散楦楣⁡灰汩捡瑩潮⸠坨楣栠潦⁴桥⁦潬汯睩湧⁷潵汤⁢攠瑨攠䵏協⁳楧湩晩捡湴⁳瑥瀠景汬潷楮朠瑨攠晥慳楢楬楴礠獴畤礿㰯瀾㰯摩瘾

Options:

A.

Attend project progress meetings to monitor timely implementation of the application.

B.

Assist users in the design of proper acceptance-testing procedures.

C.

Follow up with project sponsor for project's budgets and actual costs.

D.

Review functional design to determine that appropriate controls are planned.

Buy Now
Questions 67
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹉匠慵摩琠楳⁡獫敤‱〠數灬慩渠桯眠汯捡氠慲敡整睯牫
䱁丩⁳敲癥牳⁣慮⁣潮瑲楢畴攠瑯⁡⁲慰楤⁤楳獥浩湡瑩潮映癩牵獥献⁔桥⁉匠慵摩瑯爧猠䉅協⁲敳灯湳攠楳⁴桡琺㰯瀾㰯摩瘾

Options:

A.

the server's software is the prime target and is the first to be infected

B.

the server's operating system exchanges data with each station starting at every log-on.

C.

the server's file sharing function facilitates the distribution of files and applications.

D.

users of a given server have similar usage of applications and files.

Buy Now
Questions 68
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾周攠摥浩汩瑡物穥搠穯湥
䑍娩⁩猠瑨攠灡牴映愠湥瑷潲欠睨敲攠獥牶敲猠瑨慴⁡牥⁰污捥搠慲攺㰯瀾㰯摩瘾

Options:

A.

Running-mission critical, non-web application

B.

Interacting with the public internet

C.

Running internal department applications

D.

External to the organization

Buy Now
Questions 69
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠獨潵汤⁢攠潦⁇剅䅔䕓吠捯湣敲渠瑯⁡渠䥓⁡畤楴潲⁷桥渠慵摩瑩湧⁡渠潲条湩穡瑩潮쎢곢蒢猠楮景牭慴楯渠獥捵物瑹⁡睡牥湥獳㰯瀾㰯摩瘾

Options:

A.

Training quizzes are designed and run by a third party company under a contract with the organization

B.

The number of security incidents logged by employees to the help desk has increased in the past year

C.

Security awareness training is run via the organization’s enterprise wide e-learning portal

D.

Security awareness training is not included as part of the on boarding process for new hires

Buy Now
Questions 70
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䑵物湧⁡⁲敶楥眠潦⁡渠潲条湩穡瑩潮쎢곢蒢猠湥瑷潲欠瑨牥慴⁲敳灯湳攠灲潣敳献⁔桥⁉匠慵摩瑯爠湯瑩捥搠瑨慴⁴桥慪潲楴礠潦⁡汥牴猠睥牥⁣汯獥搠睩瑨潵琠牥獯汵瑩潮⸠䵡湡来浥湴⁲敳灯湤敤⁴桡琠瑨潳攠慬敲瑳⁷敲攠畮睯牫慢汥⁤略⁴漠污捫映慣瑩潮慢汥⁩湴敬汩来湣攬⁡湤⁴桥牥景牥⁴桥⁳異灯牴⁴敡洠楳⁡汬潷敤⁴漠捬潳攠瑨敭⸠坨慴⁩猠瑨攠扥獴⁷慹⁦潲⁴桥⁡畤楴潲⁴漠慤摲敳猠瑨攠獩瑵慴楯渿㰯瀾㰯摩瘾

Options:

A.

Further review closed unactioned alerts to identify mishandling of threats

B.

Omit the finding from the report as this practice is in compliance with the current policy

C.

Recommend that management enhance the policy and improve threat awareness training

D.

Reopen unactioned alerts and report to the audit committee

Buy Now
Questions 71
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠䉅協⁥湳畲敳⁴桡琠潮汹⁡畴桯物穥搠獯晴睡牥⁩猠浯癥搠楮瑯⁡⁰牯摵捴楯渠敮癩牯湭敮琿㰯瀾㰯摩瘾

Options:

A.

Restricting read/write access to production code to computer programmers only

B.

Assigning programming managers to transfer tested programs to production

C.

A librarian compiling source code into production after independent testing

D.

Requiring programming staff to move tested code into production

Buy Now
Questions 72
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠楳⁴桥⁐剉䵁剙⁲敡獯渠景爠慮⁉匠慵摩瑯爠瑯⁵獥⁣潭灵瑥爭慳獩獴敤⁡畤楴⁴散桮楱略猠⡃䅁味⤿㰯瀾㰯摩瘾

Options:

A.

To efficiently test an entire population

B.

To perform direct testing of production data

C.

To conduct automated sampling for testing

D.

To enable quicker access to information

Buy Now
Questions 73
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠楳⁴桥⁍体吠捲楴楣慬⁣桡牡捴敲楳瑩挠潦⁡⁢楯浥瑲楣⁳祳瑥洿㰯瀾㰯摩瘾

Options:

A.

Registration time

B.

Throughput rate

C.

Accuracy

D.

Ease of use

Buy Now
Questions 74
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠晡捴潲猠睩汬⁂䕓吠灲潭潴攠敦晥捴楶攠楮景牭慴楯渠獥捵物瑹慮慧敭敮琿㰯瀾㰯摩瘾

Options:

A.

Senior management commitment

B.

Identification and risk assessment of sensitive resources

C.

Security awareness training

D.

Security policy framework

Buy Now
Questions 75
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨慴⁩猠瑨攠灵牰潳攠潦⁡⁨祰敲癩獯爿㰯瀾㰯摩瘾

Options:

A.

Monitoring the performance of virtual machines

B.

Cloning virtual machines

C.

Deploying settings to multiple machines simultaneously

D.

Running the virtual machine environment

Buy Now
Questions 76
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠浥瑨潤猠獨潵汤⁢攠畳敤⁴漠灵牧攠捯湦楤敮瑩慬⁤慴愠晲潭⁷物瑥ⵯ湣攠潰瑩捡氠浥摩愿㰯瀾㰯摩瘾

Options:

A.

Degauss the media.

B.

Destroy the media.

C.

Remove the references to data from the access index.

D.

Write over the data with null values.

Buy Now
Questions 77
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠獨潵汤⁢攠牥癩敷敤⁡猠灡牴映愠摡瑡⁩湴敧物瑹⁴敳琿㰯瀾㰯摩瘾

Options:

A.

Confidentiality

B.

Data backup

C.

Redundancy

D.

Completeness

Buy Now
Questions 78
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾䄠畳敲映愠瑥汥灨潮攠扡湫楮朠獹獴敭⁨慳⁦潲杯瑴敮⁨楳⁰敲獯湡氠楤敮瑩晩捡瑩潮畭扥爠⡐䥎⤬⁡晴敲⁴桥⁵獥爠桡猠扥敮⁡畴桥湴楣慴敤Ⱐ瑨攠䉅協整桯搠潦⁩獳畩湧⁡敷⁰楮⁩猠瑯⁨慶攺㰯瀾㰯摩瘾

Options:

A.

A randomly generated pin communicated by banking personnel

B.

Banking personnel assign the user a new PIN via email

C.

The user enter a new PIN twice

D.

Banking personnel verbally assign a new PIN

Buy Now
Questions 79
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桡琠楳⁡渠䥓⁡畤楴潲쎢곢蒢猠䉅協⁲散潭浥湤慴楯渠景爠浡湡来浥湴⁩映愠湥瑷潲欠癵汮敲慢楬楴礠慳獥獳浥湴⁣潮晩牭猠瑨慴⁣物瑩捡氠灡瑣桥猠桡癥潴⁢敥渠慰灬楥搠獩湣攠瑨攠污獴⁡獳敳獭敮琿㰯瀾㰯摩瘾

Options:

A.

Implement a process to test and apply appropriate patches

B.

Apply available patches and continue periodic monitoring

C.

Configure servers to automatically apply available patches

D.

Remove unpatched devices from the network

Buy Now
Questions 80
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹗桩捨映瑨攠景汬潷楮朠獨潵汤⁍体吠捯湣敲渠慮⁉匠慵摩瑯爠牥癩敷楮朠慮⁩湴牵獩潮⁤整散瑩潮⁳祳瑥洠⡉䑓⤿㰯瀾㰯摩瘾

Options:

A.

Number of false negatives

B.

Legitimate traffic blocked by the system

C.

Number of false positives

D.

Reliability of IDS logs

Buy Now
Questions 81
<摩瘠捬慳猽≱略獴楯湃潮瑥湴∾㱰㹁⁳散畲楴礠慤浩湩獴牡瑯爠獨潵汤⁨慶攠牥慤ⵯ湬礠慣捥獳⁦潲⁷桩捨映瑨攠景汬潷楮朿㰯瀾㰯摩瘾

Options:

A.

Router configuration

B.

Password policy

C.

Security logs

D.

Services/daemons configuration

Buy Now
Questions 82
㱤楶⁣污獳㴢煵敳瑩潮䍯湴敮琢㸼瀾坨楣栠潦⁴桥⁦潬汯睩湧⁩猠瑨攠䝒䕁呅協⁣潮捥牮⁷楴栠捯湤畣瑩湧⁰敮整牡瑩潮⁴敳瑩湧渠慮⁩湴敲湡汬礠摥癥汯灥搠慰灬楣慴楯渠楮⁴桥⁰牯摵捴楯渠敮癩牯湭敮琿㰯瀾㰯摩瘾

Options:

A.

The testing could create application availability issues.

B.

The testing may identify only known operating system vulnerabilities.

C.

The issues identified during the testing may require significant remediation efforts.

D.

Internal security staff may not be qualified to conduct application penetration testing.

Buy Now
Exam Code: CISA
Exam Name: Certified Information Systems Auditor
Last Update: Oct 21, 2020
Questions: 1046

PDF + Testing Engine

$174.3  $249

Testing Engine

$157.5  $225

PDF (Q&A)

$139.3  $199